close
close

Microsoft details security and privacy changes in Windows Recall before restarting

Posted on by darion

Updated Recall intro screen with clearly visible opt-in and opt-out buttons; Microsoft says the Recall feature will be available by default and can even be completely removed from PCs.
Increase / Updated Recall intro screen with clearly visible opt-in and opt-out buttons; Microsoft says the Recall feature will be available by default and can even be completely removed from PCs.

Microsoft

Microsoft is once again taking a swipe at the controversial Recall feature for Copilot+ Windows computers after the original version crashed and burned during scrutiny by security researchers and testers over the summer. The previous version of Recall recorded screenshots and OCR text of all user actions and stored them unencrypted on disk where another PC user or an attacker with remote access could easily access them.

This feature was announced in late May, without undergoing any of the public Windows Insider testing that is available for most new Windows features, and was scheduled for release on new PCs on June 18; by June 13, the company delayed it indefinitely to redesign it and stated that it would be tested through normal channels before being released to the public.

Today, Microsoft shared more detailed information about the exact change to Recall’s security architecture in a post written by Microsoft’s vice president of enterprise and operating systems security, David Weston.

Safer, also optional

Abstraction of the new Recall security architecture, which replaces the old, largely defunct security architecture.
Increase / Abstraction of the new Recall security architecture, which replaces the old, largely defunct security architecture.

Microsoft

The general premise of today’s announcement is similar to the changes Microsoft originally announced over the summer for Recall: that the feature will be turned on and off by default rather than being able to opt out, and that users will need to re-authenticate with Windows Hello before accessing any Recall data. Locally stored Recall data will be protected by additional encryption.

However, some details show how Microsoft is trying to placate skeptical users. For example, Recall can now be completely removed from your system via the “optional features” settings in Windows (when a similar removal mechanism appeared in Windows Preview earlier this month, Microsoft claimed it was a “bug,” but apparently it isn’t ). .

The company also provides more information on how Windows will protect data locally. All Recall data stored locally, including “snapshots and any related information in the vector database”, will be encrypted at rest using keys stored in your system’s TPM; According to the blog post, Recall will only work if BitLocker or device encryption is fully enabled. Retirement will also require the inclusion of virtualization-based security (VBS) and hypervisor-protected code integrity (HVCI); these are features that people sometimes disable to improve game performance, but Recall reportedly refuses to work if they are not enabled.

This is because the new Recall runs in a VBS enclave, which helps isolate and secure in-memory data from the rest of the system.

“This area acts as a locked box that can only be accessed with permission from the user via Windows Hello,” Weston writes. “VBS enclaves provide a boundary of isolation from both the kernel and administrative users.”

Windows does not allow any code that has not been signed by Microsoft to run in these enclaves, which should reduce the risk of Recall data being exposed to malware or other rogue applications. Other anti-malware protections new in this version of Recall include “rate limiting and attack prevention measures.”